<?php
//定义页面的访问权限1.2.3... (1为最高权限)
$PAGE_AUTHORITY=99; //99在这里特殊的指登陆页面
require_once '../global.inc.php';
//页面传值
$username   =   $_POST["username"];
$password	=   $_POST["password"];
$verify		=   $_POST["verify"];
//session中存储的随机码
$rand     	=	$_SESSION["rand"];

//数据库相关赋值
$table		=	"user";

if ($username&&$password&&$verify) {
	//加密
	$password = md5($password);
	//查询用户名密码是否正确
	Database::connect($HOST, $NAME, $PWD, $DB);
	$user = Database::findByField("$table","user_name='$username' and password='$password'");
	
	//检查的验证码是否正确
	if ($verify!=$rand) {
		echo "<script>alert('验证码不正确');</script>";
		echo "<script>history.go(-1);</script>";
		exit;
	}
	if ($user) {
		$userId					=	$user["user_id"];
		//登陆时间
		$lastLoginTime			=	date("Y-m-d H:i:s");
		$sql					=	"update user set last_login_time='$lastLoginTime' where user_id = $userId";
		Database::update($sql);
		//取出首页上的相关提醒数据
		//当日生日的会员
		$today = date("md");
		$sql = "select member_name,birthday,mobile from member where date_format(birthday,'%m%d')=$today";
		$birthdayArray = Database::find($sql);
		//取近期活动
		$sql = "select a.subject,b.travel_date,b.sale_fee,b.leader from info_activity a,instance_activity b 
				where a.activity_id = b.activity_id and status = 1 order by travel_date";
		$currentActivityArray = Database::find($sql);
		
		//取已超期未结束的活动
		$today = date("Ymd");
		$sql = "select a.subject,b.back_date,b.sale_fee,b.leader from info_activity a,instance_activity b 
				where a.activity_id = b.activity_id and status = 1 and date_format(back_date,'%Y%m%d')<$today order by back_date";
		$passActivityArray = Database::find($sql);
		
		//取活动结束后没有结算积分的
		$sql = "select a.subject,b.travel_date,b.sale_fee,b.leader from info_activity a,instance_activity b
				where a.activity_id = b.activity_id and status = 2 order by travel_date";
		$scoreActivityArray = Database::find($sql);
		
		Database::close();
		//登陆成功，将用户信息加密写入session方便后续页面验证,将登陆的时间写入session
		$user["last_login_time"]=	$lastLoginTime;
		$_SESSION["user"]		=	$user;
		$_SESSION["shell"] 		= 	md5($user['user_name'].$user['password']);
		//提醒数据写入session
		$_SESSION["birthdayArray"]			=$birthdayArray;
		$_SESSION["currentActivityArray"]	=$currentActivityArray;
		$_SESSION["passActivityArray"]		=$passActivityArray;
		$_SESSION["scoreActivityArray"]		=$scoreActivityArray;
		
		//产生登陆时间的串
		$_SESSION["loginTime"]	=	mktime();
		echo "<script>window.location.href='../view/main.php';</script>";
	}else{
		echo "<script>alert('用户名或密码错误');</script>";
		echo "<script>history.go(-1);</script>";
	}
}else{
	echo "<script>alert('请填写完整的登录信息');</script>";
	echo "<script>history.go(-1);</script>";
}
?>